Digital Detox 4: Better passwords & password management

My grandmother’s Facebook account was hacked over the holidays. Afterwards, she posted, “I don’t know how they figured out my password which was ‘outhouse’….so I have a new one now.” I know she was picturing someone hunkered over their computer, spending hours focused solely on guessing her password.

That’s not the way it works. Humans are not typically trying to hack into your accounts one painstaking guess at a time. Hackers have machines for that—very fast machines—that use a combination of complex algorithms; all the words in the dictionary; common substitutions, capitalizations, and special characters; and, worst of all, a collection of 1.4 billion exposed usernames and passwords from an aggregate of privacy breaches. These machines are so fast they can try 8.2 billion password combinations per second. Additionally, “password reuse, combined with the frequent use of email addresses as usernames, means that once hackers have plucked login credentials from one site, they often have the means to compromise dozens of other accounts, too.” (Source: Ars Technica)

It took a hacker approximately 1.3 milliseconds to break into my grandma’s account.
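To see why a dictionary word with a few substitutions offers so little protection, here is a small password self-check, added as an illustration and not part of the original post. Only the 8.2 billion guesses per second figure comes from the article; the wordlist, the substitution table and the variants-per-word number are constructed assumptions.

```python
import string

GUESSES_PER_SECOND = 8.2e9   # rate quoted in the article
VARIANTS_PER_WORD = 1000     # assumption: case/substitution/suffix variants tried per word

# Constructed sample wordlist in guess order; real lists hold millions of entries.
WORDLIST = ["password", "letmein", "dragon", "outhouse", "sunshine"]

# Common character substitutions, undone before the dictionary lookup.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                      "1": "l", "!": "i", "$": "s", "5": "s"})


def normalize(password):
    """Lowercase, drop trailing digits/symbols, undo common substitutions."""
    core = password.lower().rstrip(string.digits + string.punctuation)
    return core.translate(LEET)


def charset_size(password):
    """Size of the alphabet a brute-force search would have to cover."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)
    return size


def assess(password):
    """Return (method, worst-case seconds) for the cheaper of the two models."""
    word = normalize(password)
    if word in WORDLIST:
        guesses = (WORDLIST.index(word) + 1) * VARIANTS_PER_WORD
        return "dictionary", guesses / GUESSES_PER_SECOND
    guesses = charset_size(password) ** len(password)
    return "brute-force", guesses / GUESSES_PER_SECOND


if __name__ == "__main__":
    for pw in ["outhouse", "P@ssw0rd!", "0uth0use2024", "qzxvkwpjrmtbnd"]:
        method, seconds = assess(pw)
        print(f"{pw:16} {method:12} {seconds:.3g} s")
```

The decorated variants land in the same dictionary bucket as the plain word, while the 14 random lowercase letters are only reachable by exhaustive search.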

Are you at risk? Check out this free resource to quickly assess if an online account of yours has been compromised or “pwned” in a data breach.

Here are some actions you can take to have better passwords and password management:

Do not reuse passwords across different accounts. Using the same password even once significantly reduces your security.